File Name: The Ethical Hack: A Framework for Business Value Penetration Testing
File Submitter: Nanflexal
File Submitted: 25 Sep 2009
File Category: Security
Product Description The Ethical Hack: A Framework for Business Value Penetration Testing lays out the underlying methodologies and concepts required for performing successful and valuable penetration testing. The author discusses the process of penetration testing from a consultative point of view to ensure that the true value of the test is realized. He supplies a technical perspective of the common tools and exploits used by attackers along with the rational for why they are used and the information they provide the attacker. Finally, the text brings it all together in the form of attack scenarios to show the complete cycle of the attack from the hacker's perspective to the client's.
Click here to download this file
File Name: The Cyberspace Handbook
File Submitter: Nanflexal
File Submitted: 25 Sep 2009
File Category: Security
Product Description The Cyberspace Handbook is a comprehensive guide to all aspects of new media, information technologies and the Internet. It gives an overview of the economic, political, social and cultural contexts of cyberspace, and provides practical advice on using new technologies for research, communication and publication.
The Cyberspace Handbook explores how cyberspace has been constructed, how it is used and extends into areas as different as providing us immediate news or immersive games and virtual reality, the challenges raised by computer and communications technologies for areas such as copyright and cybercrime, as well as key skills in employing the Internet for research or writing and designing for the Web.
Click here to download this file
File Name: The Tao of Network Security Monitoring: Beyond Intrusion Detection
File Submitter: Nanflexal
File Submitted: 25 Sep 2009
File Category: Security
From the Back Cover "The book you are about to read will arm you with the knowledge you need to defend your network from attackersâboth the obvious and the not so obvious.... If you are new to network security, don't put this book back on the shelf! This is a great book for beginners and I wish I had access to it many years ago. If you've learned the basics of TCP/IP protocols and run an open source or commercial IDS, you may be asking 'What's next?' If so, this book is for you."
âRon Gula, founder and CTO, Tenable Network Security, from the Foreword
"Richard Bejtlich has a good perspective on Internet securityâone that is orderly and practical at the same time. He keeps readers grounded and addresses the fundamentals in an accessible way."
âMarcus Ranum, TruSecure
"This book is not about security or network monitoring: It's about both, and in reality these are two aspects of the same problem. You can easily find people who are security experts or network monitors, but this book explains how to master both topics."
âLuca Deri, ntop.org
"This book will enable security professionals of all skill sets to improve their understanding of what it takes to set up, maintain, and utilize a successful network intrusion detection strategy."
âKirby Kuehl, Cisco Systems Every network can be compromised. There are too many systems, offering too many services, running too many flawed applications. No amount of careful coding, patch management, or access control can keep out every attacker. If prevention eventually fails, how do you prepare for the intrusions that will eventually happen?
Network security monitoring (NSM) equips security staff to deal with the inevitable consequences of too few resources and too many responsibilities. NSM collects the data needed to generate better assessment, detection, and response processesâresulting in decreased impact from unauthorized activities.
In
The Tao of Network Security Monitoring, Richard Bejtlich explores the products, people, and processes that implement the NSM model. By focusing on case studies and the application of open source tools, he helps you gain hands-on knowledge of how to better defend networks and how to mitigate damage from security incidents.
Inside, you will find in-depth information on the following areas.
- The NSM operational framework and deployment considerations.
- How to use a variety of open-source toolsâincluding Sguil, Argus, and Etherealâto mine network traffic for full content, session, statistical, and alert data.
- Best practices for conducting emergency NSM in an incident response scenario, evaluating monitoring vendors, and deploying an NSM architecture.
- Developing and applying knowledge of weapons, tactics, telecommunications, system administration, scripting, and programming for NSM.
- The best tools for generating arbitrary packets, exploiting flaws, manipulating traffic, and conducting reconnaissance.
Whether you are new to network intrusion detection and incident response, or a computer-security veteran, this book will enable you to quickly develop and apply the skills needed to detect, prevent, and respond to new and emerging threats.
Click here to download this file
Microsoft ISA Server 2006 UnleashedBy Michael Noel
Publisher: Sams
Number Of Pages: 600
Publication Date: 2007-12-05
ISBN-10 / ASIN: 0672329190
ISBN-13 / EAN: 9780672329197
Binding: Paperback
ISA Server 2006 is a robust application layer firewall that provides organizations with the ability to secure critical business infrastructure from the exploits and threats of the modern computing world. ISAâs ability to act as an edge firewall, a Virtual Private Networking solution, a reverse proxy server, or a content caching device give it unprecedented flexibility and position it as a valuable security tool for many types of organizations.
ISA Server 2006 Unleashed provides insight into the inner workings of the product, as well as providing best-practice advice on design and implementation concepts for ISA. In addition to detailing commonly requested topics such as securing Outlook Web Access, deploying ISA in a firewall DMZ, and monitoring ISA traffic, this book provides up-to-date information about the new enhancements made to the 2006 version of the product. The author draws upon his experience deploying and managing enterprise ISA environments to present real-world scenarios, outline tips and tricks, and provide step-by-step guides to securing infrastructure using ISA.
Summary: Missing the Mark
Rating: 2
Considering this book was months late, I would have thought that it would have covered the protection and configuration of Microsoft messaging product Exchange 2007. Alas, it only covers Exchange 2003. Exchange 2007 RTM has been out for a year, so the absence of Exchange 2007 security and reverse proxy â and the lack of support of mobile device (ActiveSync) security makes this book unacceptable to me. My experience with ISA 2006 is to combine it with other applications. Messaging applications and collaboration applications are the biggest type of applications ISA protects. So coverage of these types of products is mandatory. Yes, it covers ISA 2006 itself well, but as more companies deploy SharePoint 2007 and Exchange 2007, this book is outdated immediately the day it was published because of itâs lack of 2007 coverage. Since this will likely be the only third-party book published covering ISA 2006, by itself it is a disappointment. If you are new to the ISA product, then this book will give you the basics. If you are looking to truly dive deep into protecting complex applications such as Exchange 2007, pass on this one. Dedicate your research to Microsoft TechNet and blogs on the treatment of ISA and the products you are protecting and youâll do much better.
Download:
CODEhttp://rapidshare.com/files/283106801/0672329190.7z
